/// <summary>
/// Create a signing-certificate-v2 from a certificate.
/// </summary>
/// <param name="certificate">The signing certificate.</param>
/// <param name="hashAlgorithm">The hash algorithm for the signing-certificate-v2 attribute.</param>
public static CryptographicAttributeObject CreateSigningCertificateV2(
X509Certificate2 certificate,
Common.HashAlgorithmName hashAlgorithm)
{
if (certificate == null)
{
throw new ArgumentNullException(nameof(certificate));
}
var signingCertificateV2 = SigningCertificateV2.Create(certificate, hashAlgorithm);
var bytes = signingCertificateV2.Encode();
var data = new AsnEncodedData(Oids.SigningCertificateV2, bytes);
return(new CryptographicAttributeObject(
new Oid(Oids.SigningCertificateV2),
new AsnEncodedDataCollection(data)));
}
public void Create_WithValidInput_ReturnsSigningCertificateV2(HashAlgorithmName hashAlgorithmName)
{
using (var certificate = _fixture.GetDefaultCertificate())
{
var signingCertificateV2 = SigningCertificateV2.Create(certificate, hashAlgorithmName);
Assert.Equal(1, signingCertificateV2.Certificates.Count);
var essCertIdV2 = signingCertificateV2.Certificates[0];
Assert.Equal(hashAlgorithmName, CryptoHashUtility.OidToHashAlgorithmName(essCertIdV2.HashAlgorithm.Algorithm.Value));
Assert.Equal(SigningTestUtility.GetHash(certificate, hashAlgorithmName), essCertIdV2.CertificateHash);
Assert.Equal(1, essCertIdV2.IssuerSerial.GeneralNames.Count);
Assert.Equal(certificate.IssuerName.Name, essCertIdV2.IssuerSerial.GeneralNames[0].DirectoryName.Name);
SigningTestUtility.VerifySerialNumber(certificate, essCertIdV2.IssuerSerial);
Assert.Null(signingCertificateV2.Policies);
}
}
